gitea/services/auth
Rowan Bohde 407b6e6dfc
allow the actions user to login via the jwt token (#32527)
We have some actions that leverage the Gitea API that began receiving
401 errors, with a message that the user was not found. These actions
use the `ACTIONS_RUNTIME_TOKEN` env var in the actions job to
authenticate with the Gitea API. The format of this env var in actions
jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a
corresponding update to `act_runner`) Since it was a JWT, the OAuth
parsing logic attempted to parse it as an OAuth token, and would return
user not found, instead of falling back to look up the running task and
assigning it to the actions user.

Make ACTIONS_RUNTIME_TOKEN in action runners could be used,
attempting to parse Oauth JWTs. The code to parse potential old
`ACTION_RUNTIME_TOKEN` was kept in case someone is running an older
version of act_runner that doesn't support the Actions JWT.
2024-11-20 15:24:09 +00:00
..
source Update go dependencies (#32389) 2024-10-31 12:05:54 +00:00
auth_test.go Fix attachment download bug (#27486) 2023-10-10 15:33:56 +00:00
auth_token_test.go Refactor timeutil package (#28623) 2023-12-28 10:09:57 +00:00
auth_token.go Enhanced auth token / remember me (#27606) 2023-10-14 00:56:41 +00:00
auth.go Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00
basic.go Fix basic auth with webauthn (#32531) 2024-11-16 17:52:16 +00:00
group.go Remove Named interface (#26913) 2023-09-05 15:58:30 +00:00
httpsign.go Remove SHA1 for support for ssh rsa signing (#31857) 2024-09-07 18:05:18 -04:00
interface.go Reduce usage of db.DefaultContext (#27073) 2023-09-14 17:09:32 +00:00
main_test.go Enhanced auth token / remember me (#27606) 2023-10-14 00:56:41 +00:00
oauth2_test.go allow the actions user to login via the jwt token (#32527) 2024-11-20 15:24:09 +00:00
oauth2.go allow the actions user to login via the jwt token (#32527) 2024-11-20 15:24:09 +00:00
reverseproxy.go Save initial signup information for users to aid in spam prevention (#31852) 2024-09-09 17:05:16 -04:00
session.go Fix the bug that user may logout if he switch pages too fast (#29962) 2024-03-21 08:48:08 +00:00
signin.go remove util.OptionalBool and related functions (#29513) 2024-03-02 16:42:31 +01:00
source.go Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
sspi.go Save initial signup information for users to aid in spam prevention (#31852) 2024-09-09 17:05:16 -04:00
sspiauth_posix.go Make SSPI auth mockable (#27036) 2023-09-17 23:32:56 +00:00
sspiauth_windows.go Make SSPI auth mockable (#27036) 2023-09-17 23:32:56 +00:00
sync.go Use db.Find instead of writing methods for every object (#28084) 2023-11-24 03:49:41 +00:00